An RBAC framework for time constrained secure interoperation in multi-domain environments

In emerging e-commerce applications, time constrained information sharing between different systems is becoming a common phenomenon. A flexible and efficient mechanism is needed to support short term time-based sharing policies between transient partners. In particular, the interacting domains need to establish a time-based inter-domain access policy without violating the original time-based security policies of the individual systems. In this paper, we address this issue using the generalized temporal role based access control (GTRBAC) framework. The proposed mechanism involves a system processing an inter-domain access requirement specification to extend or restructure its local GTRBAC policy with proper temporal constraints to allow its external partner domain to access its resources. The transformed local GTRBAC policy facilitates the inter-domain accesses while still conforming to the original local policy requirements.